Total
16247 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3732 | 1 Ehoney Project | 1 Ehoney | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability was found in seccome Ehoney and classified as critical. Affected by this issue is some unknown functionality of the file /api/v1/bait/set. The manipulation of the argument Payload leads to sql injection. The attack may be launched remotely. VDB-212414 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3729 | 1 Ehoney Project | 1 Ehoney | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in seccome Ehoney. This issue affects some unknown processing of the file /api/v1/attack. The manipulation of the argument AttackIP leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-212411. | |||||
| CVE-2022-3714 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2024-11-21 | N/A | 5.0 MEDIUM |
| A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/view_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. VDB-212346 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3671 | 1 Elearning System Project | 1 Elearning System | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in SourceCodester eLearning System 1.0. This vulnerability affects unknown code of the file /admin/students/manage.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-212014 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3583 | 1 Canteen Management System Project | 1 Canteen Management System | 2024-11-21 | N/A | 7.3 HIGH |
| A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument business leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-211192. | |||||
| CVE-2022-3579 | 1 Oretnom23 | 1 Cashier Queuing System | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0. This vulnerability affects unknown code of the file /queuing/login.php of the component Login Page. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-211186 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3504 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Sanitization Management System and classified as critical. This issue affects some unknown processing of the file /php-sms/?p=services/view_service. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-210839. | |||||
| CVE-2022-3495 | 1 Simple Online Public Access Catalog Project | 1 Simple Online Public Access Catalog | 2024-11-21 | N/A | 7.3 HIGH |
| A vulnerability has been found in SourceCodester Simple Online Public Access Catalog 1.0 and classified as critical. This vulnerability affects unknown code of the file /opac/Actions.php?a=login of the component Admin Login. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210784. | |||||
| CVE-2022-3473 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in SourceCodester Human Resource Management System. This affects an unknown part of the file getstatecity.php. The manipulation of the argument ci leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-210717 was assigned to this vulnerability. | |||||
| CVE-2022-3472 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Human Resource Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file city.php. The manipulation of the argument cityedit leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210716. | |||||
| CVE-2022-3471 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Human Resource Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file city.php. The manipulation of the argument searccity leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-210715. | |||||
| CVE-2022-3470 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Human Resource Management System. It has been classified as critical. Affected is an unknown function of the file getstatecity.php. The manipulation of the argument sc leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-210714 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3142 | 1 Basixonline | 1 Nex-forms | 2024-11-21 | N/A | 8.8 HIGH |
| The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before using it in SQL statements, leading to SQL injections. The attack can be executed by anyone who is permitted to view the forms statistics chart, by default administrators, however can be configured otherwise via the plugin settings. | |||||
| CVE-2022-3141 | 1 Cozmoslabs | 1 Translatepress | 2024-11-21 | N/A | 8.8 HIGH |
| The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language (via the settings page) containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected. | |||||
| CVE-2022-3130 | 1 Online Driving School Project Project | 1 Online Driving School Project | 2024-11-21 | N/A | 7.3 HIGH |
| A vulnerability classified as critical has been found in codeprojects Online Driving School. This affects an unknown part of the file /login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207873 was assigned to this vulnerability. | |||||
| CVE-2022-3122 | 1 Oretnom23 | 1 Clinic\'s Patient Management System | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file medicine_details.php. The manipulation of the argument medicine leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-207854 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3120 | 1 Oretnom23 | 1 Clinic\'s Patient Management System | 2024-11-21 | N/A | 7.3 HIGH |
| A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument user_name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-207847. | |||||
| CVE-2022-3118 | 1 Erp System Project Project | 1 Erp System Project | 2024-11-21 | N/A | 7.3 HIGH |
| A vulnerability was found in Sourcecodehero ERP System Project. It has been rated as critical. This issue affects some unknown processing of the file /pages/processlogin.php. The manipulation of the argument user leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207845 was assigned to this vulnerability. | |||||
| CVE-2022-3059 | 1 Schoolbox | 1 Schoolbox | 2024-11-21 | N/A | 8.6 HIGH |
| The application was vulnerable to multiple instances of SQL injection (authenticated and unauthenticated) through a vulnerable parameter. Due to the stacked query support, complex SQL commands could be crafted and injected into the vulnerable parameter and using a sleep based inferential SQL injection it was possible to extract data from the database. | |||||
| CVE-2022-3013 | 1 Simple Task Managing System Project | 1 Simple Task Managing System | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in SourceCodester Simple Task Managing System. This affects an unknown part of the file /loginVaLidation.php. The manipulation of the argument login leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-207423. | |||||